Solution Summit - Part 3 - A Data Science Approach to Cloud Security

This session will examine how modern data science and machine learning technologies can be applied to cloud security to address scalability and protection from the increasingly complex threat landscape. Such techniques can be leveraged to continuously monitor cloud activity and identify threats related to compromised accounts or malicious activity. These techniques can also be used to dynamically identify new cloud apps and services, and improve accuracy of automated content inspection - ensuring that sensitive data is properly handled in the cloud. By leveraging these modern tools, enterprise organizations can improve their overall security posture while reducing the amount of time and effort required from their security professionals.

DNS has always seemed to have a “last mile” security issue. Communications from a local DNS served to a client are typically unencrypted and not secure, leaving this traffic vulnerable to spoofing, hijacking and more. But privacy standards and protocols are emerging which are helping to encrypt this traffic. Join Infoblox and (ISC)2 on October 3, 2019 at 1:00PM Eastern for an examination of DNS over TLS (DoT) and DNS over HTTPS (DoH). The discussion will include the pros and cons of the two protocols, what option might make sense for your security & risk requirements and simple ways to secure your network and DNS.

(ISC)² will hold its 2019 Security Congress in Orlando, Fl Oct 28th – 30th. This conference will bring together a global community of cybersecurity professionals and more than 180 educational sessions. One of the 18 tracks at the conference will focus on Security Automation and the role that Machine Learning and Artificial Intelligence is playing in securing organizations of all sizes. On September 24, 2019 at 1 p.m. Eastern, join (ISC)² and several speakers who’ll be presenting in the Security Automation track on the Impact of Machine Learning on Cyber Security and Ethical Bias in AI-Based Security Systems as they preview their sessions and discuss why security automation is a leading concern for cyber security practitioners to understand.

(ISC)² recently completed our multi-year Digital End-to-End Transformation (DETE) project, which positions us to deliver a more a seamless and user-friendly experience to all members. In addition to revamping our online presence, we launched a new Learning Management Systems where members can access all the courses developed by our Professional Development Institute. In Part 3 of the (ISC)² Digital End-to-End Transformation (DETE) webcast, we will examine the “new world” of what the project has provided to internal (how we serve the members and visitors), the members (what you as members see and experience) and what’s to come. Join Wes Simpson, COO and Bruce Beam, CIO on September 17, 2019 at 1:00PM Eastern for a discussion on these items and a Q&A with our COO and CIO.

Today’s network environment can feel like a Cold War-era novel, full of who’s watching whom scenarios and heavily protected intelligence communications. Visibility is critical to an organization’s security posture, and encrypted channel communications can become an obstacle to it when gets to the wrong eyes. Decryption can illuminate what is hidden and restores the advantage you need to see what’s lurking in the shadows. Join Gigamon and (ISC)2 on September 5, 2019 at 1PM Eastern for an examination of decryption best practices, a review of encryption methodologies, the obstacles that impact security, resources and regulatory compliance and what’s changed with TLS 1.3 and how this newer protocol impacts visibility.

Infrastructure as a service (IaaS) has quickly risen to prominence because of the way that it provides enhanced flexibility and scalability to organizations around the world. However, using IaaS platforms like AWS, Azure, or GCP does require that organizations take responsibility for an increased amount of security in the cloud. Fortunately, there are tools designed to help with doing this properly. Join Bitglass and (ISC)² on August 29, 2019 at 1:00PM Eastern for a presentation on the various components of leading IaaS platform, what your organization is responsible for when it comes IaaS security and how Cloud Access Security Brokers (CASB) can help.

You know that metadata helps you separate signal from noise, reduce time-to-threat-detection and improve overall security efficacy. But did you know that application metadata helps you monitor user experience, troubleshoot problematic apps, understand “Shadow IT” usage and improve security posture within your organization? Join Gigamon and (ISC)² on August 22, 2019 at 1:00 PM Eastern as we discuss the growing need for application-aware network operations and how Gigamon Application Metadata Intelligence provides the deep application visibility needed to rapidly pinpoint performance bottlenecks and potential network security risks. You’ll see how next-gen network packet brokers enhance metadata with intelligence and insights from traffic flows and discover how to understand the performance and control of hundreds of critical apps.

(ISC)² recently completed our multi-year Digital End-to-End Transformation (DETE) project, which positions us to deliver a more a seamless and user-friendly experience to all members. In addition to revamping our online presence, we launched a new Learning Management Systems where members can access all the courses developed by our Professional Development Institute. In Part 2 of the (ISC)² Digital End-to-End Transformation (DETE) will examine how (ISC)² executed the plan for the project, following the AGILE Project Management framework and the buy-in and support from other departments and stake holders within the organization. Additionally, there was board governance and oversight to contend with. Join Bruce Beam, CIO; Beth Paredes, Sr. Corporate Member Services Manager; and Sommer Hess, Director PMO, Quality and Training on August 20, 2019 at 1:00PM Eastern for a discussion on these items and the speed bumps that were run into on this project.

(ISC)² will hold its 2019 Security Congress in Orlando, Fl Oct 28th – 30th. This conference will bring together a global community of cybersecurity professionals and more than 180 educational sessions. One of the 18 tracks at the conference will focus on Privacy and the challenges organizations and practitioners face in this area. On Aug. 13, 2019 at 1 p.m. Eastern, join (ISC)² and several speakers who’ll be presenting in the Privacy track on GDPR, the role of AI in Privacy and the upcoming California Consumer Privacy Act (CCPA) at Security Congress as they preview their sessions and discuss why privacy has coming a critical area for cyber security practitioners to understand.

The rise of SaaS applications has forever changed the way that work is completed in the modern enterprise. These apps enable real-time collaboration, enhanced flexibility and efficiency, as well as decreased costs. Join Bitglass and (ISC)2 on August 1, 2019 at 1:00PM Eastern for an engaging webinar where we’ll look at the significance of SaaS apps and how to prioritize their security, how to protect data within managed applications and detect and secure the use of unmanaged applications.

(ISC)² will hold its Security Congress 2019 in Orlando, FL October 28th – 30th. This conference will bring together 3000+ attendees and over 180 educational sessions. One of the 18 tracks that are being offered with focus on Cloud Security and the challenges practitioners face when dealing with all things cloud related. On July 23, 2019 at 1:00PM Eastern, join (ISC)² and several of the speakers who’ll be presenting in the Cloud track as we preview their sessions, get an idea of what will be discussed and discuss the state of cloud security today.

(ISC)² recently completed our multi-year Digital End-to-End Transformation (DETE) project, which positions us to deliver a more a seamless and user-friendly experience to all members. In addition to revamping our online presence, we launched a new Learning Management Systems where members can access all the courses developed by our Professional Development Institute. The road to DETE, however, took years of planning and execution as our team modernized our infrastructure and back-end systems, including migrating the majority of key systems to the cloud. In Part One of this series examining the journey the organization undertook, Bruce Beam, CIO, will discuss the rationale behind the initiative and steps taken to gain approval from the board of directors. Join us on July 16, 2019 at 1 p.m. Eastern as we begin this three-part, in-depth case study of how (ISC)² accomplished this ambitious project.

Information security and incident response teams are often hampered by an inability to see what is happening on the network. That lack of visibility mean they cannot confidently detect threats or respond quickly and effectively. A new approach that consolidates fundamental network detection and response capabilities using enriched metadata collected from sensors in physical, virtual and cloud environments is helping security teams minimize mean-time-to-detection and response. How can you achieve accelerated threat detection and response through broad situational awareness fueled by real-time access to historical metadata? Join Gigamon and (ISC)2 on July 11, 2019 at 1PM Eastern as we dive into metadata’s critical role in incident detection and response strategies and how to best use metadata to focus incident response efforts through data correlation and enrichment.

Organizations are flocking to the cloud more than ever before. The use of the cloud continues to proliferate throughout enterprises around the world and organizations are searching for how they can best assure they are properly protecting their data. After all, the rise of software as a service (SaaS) and infrastructure as a service (IaaS), has fundamentally changed the cybersecurity and business landscapes. Join Bitglass and (ISC)2 on June 27, 2019 at 1:00PM Eastern for an examination of the challenges of securing the cloud and BYOD, the shared model or responsibility for security and how cloud access security brokers (CASBs) can protect data.

Having access to new technology and intelligence to allow proactive response to the threats will change the way teams protect their environments. Harness the massive computing power of Backstory integrated with the powerful insights from VirusTotal to process petabytes worth of data in almost real-time. Watch a step-by-step demo of how Chronicle's security solutions, working with partners like Tenable, can help your organization be better prepared and connected for what comes onto your network.

The August 2018 GAO Report on the Equifax breach disclosed that while they used a tool for network layer decryption, their certificates were nine months out of date. This lapse gave the threat actors the time they needed to break in and exfiltrate reams of personal data. Once the certs were updated on their decryption tools, they realized what happened. A lesson learned from this is the importance of efficient decryption for effective threat detection. Join Gigamon and (ISC)2 on June 6, 2019 at 1PM Eastern for a discussion about how SSL/TLS encryption has become a threat vector, why decryption is essential to security and how to effectively perform detection and how to make sure your detection tools are working at their greatest capacity without the latency introduced by decryption.

Get a deeper look into malware campaigns using VirusTotal's newest tools. Learn from the expert how to use the platform and how best to leverage the data available to you and your security team. By better understanding the breadth and depth of malicious campaigns, researchers can better investigate and mitigate impact. Recently introduced improved relational metadata as well as expanded retroactive and proactive hunting capabilities allow investigators to dive deep into malware within a global data source.

Data capture, storage, and usage continues to grow at exponential rates. As a result, and in an effort to obtain operational efficiencies, many new organizations are “born in the cloud”, while for others, the migration of data and data driven business processes to cloud environments continues to escalate rapidly. The use of third party database and related cloud service offerings to support cloud and hybrid environments is also growing and evolving. However, security teams consistently report concerns with respect to the lack visibility and oversight of their data in the cloud. Typical questions being asked by CISOs are complex and not easy to answer. Join Imperva and (ISC)2 on May, 23, 2019 at 1:00PM Eastern for an examination of these questions and how to address them effectively.

Securing your infrastructure can sometimes feel like navigating a ship at night in a storm, with pirates attacking. An occasional flash of lightning allows a quick glimpse of the intruders, but you never really know when or from where the next attack is coming. What if you could illuminate the best path forward? A centralized platform gives you a single window with pervasive visibility into all network traffic – both north-south and east-west which allows improvement to the effectiveness and efficiency of all your security tools and better manage SSL decryption as well as NetFlow generation. Join Gigamon and (ISC)2 on May 2, 2019 at 1:00PM for a discussion on how to discover applications on your network you didn’t know where there, spotting potential security vulnerabilities before they become a problem and see a live demo of how you can optimize security and network performance.

In this era of rapid modern application development, organizations often deploy code into production with critical vulnerabilities that often lead to exploitation by cybercriminals. These bad actors are on the look-out, scanning for vulnerabilities that will allow them to establish a silent foothold into your environment. Join Imperva and (ISC)2 on April 25, 2019 at 1:00PM Eastern and discover a defense in depth security strategy to protect your most valuable web applications and your business from damaging cyber-attacks.

Today, most security teams struggle to identify and locate threats in their networks. Without the ability to find the bad actors in the network, security teams are unable to be effective in their roles. Organizations need tools to link intelligence about threats in the wild, threats in your network, and understand unique signals from both. In this webcast, we’ll examine the latest trends and downfalls in this space, and how Chronicle, an Alphabet company, is looking to solve them at a global scale with a focus on speed and efficacy. We’ll also have a demo of the Chronicle security platform, Backstory and how it can help streamline your security.